Re: [PATCH 08/15] gnu: build: Add Linux container module.

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 08/15] gnu: build: Add Linux container module.

From:	Ludovic Courtès
Subject:	Re: [PATCH 08/15] gnu: build: Add Linux container module.
Date:	Tue, 07 Jul 2015 15:51:01 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

David Thompson <address@hidden> skribis:

> * gnu/build/linux-container.scm: New file.
> * gnu-system.am (GNU_SYSTEM_MODULES): Add it.
> * .dir-locals.el: Add Scheme indent rules for 'call-with-clone', 'with-clone',
>   'call-with-container', and 'container-excursion'.
> * tests/containers.scm: New file.
> * Makefile.am (SCM_TESTS): Add it.

[...]

> +(define (mount-flags->bit-mask flags)
> +  "Return the number suitable for the 'flags' argument of 'mount' that
> +corresponds to the symbols listed in FLAGS."
> +  (let loop ((flags flags))
> +    (match flags
> +      (('read-only rest ...)
> +       (logior MS_RDONLY (loop rest)))
> +      (('bind-mount rest ...)
> +       (logior MS_BIND (loop rest)))
> +      (('no-suid rest ...)
> +       (logior MS_NOSUID (loop rest)))
> +      (('no-dev rest ...)
> +       (logior MS_NODEV (loop rest)))
> +      (('no-exec rest ...)
> +       (logior MS_NOEXEC (loop rest)))
> +      (()
> +       0))))
> +
> +(define* (mount-file-system spec root)
> +  "Mount the file system described by SPEC under ROOT.  SPEC must have the
> +form:
> +
> +  (DEVICE TITLE MOUNT-POINT TYPE (FLAGS ...) OPTIONS CHECK?)

Could we share these two procedures with (gnu build file-systems)?

I suspect the problem you encountered is that (gnu build file-systems)
doesn’t use (guix build syscalls), and instead expects the
statically-linked Guile with the guile-syscalls.patch.

To work around that, I think we should shamelessly add something like
this in (gnu build file-system):

  (unless (defined? 'mount)
    (module-use! (current-module)
                 (resolve-interface '(guix build syscalls))))

WDYT?

> +(define (namespaces->bit-mask namespaces)
> +  "Return the number suitable for the 'flags' argument of 'clone' that
> +corresponds to the symbols in NAMESPACES."

I would be in favor of “name spaces” (two words), but maybe that’s
because I’m an old fart, so I won’t insist.

> +(test-assert "call-with-container, pid namespace"
> +  (zero?
> +   (call-with-container '()
> +     (lambda ()
> +       (match (primitive-fork)
> +         (0
> +          ;; The first forked process in the new pid namespace is pid 2.
> +          (assert-exit (= 2 (getpid))))

But its parent doesn’t sees itself as PID 1?

Thanks,
Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 06/15] build: syscalls: Add setns syscall wrapper., (continued)
- [PATCH 10/15] gnu: system: Move file-system->spec to (gnu system file-systems)., David Thompson, 2015/07/06
  - Re: [PATCH 10/15] gnu: system: Move file-system->spec to (gnu system file-systems)., Ludovic Courtès, 2015/07/07
    - Re: [PATCH 10/15] gnu: system: Move file-system->spec to (gnu system file-systems)., Thompson, David, 2015/07/07
- [PATCH 09/15] gnu: system: Move <file-system-mapping> into (gnu system file-systems)., David Thompson, 2015/07/06
  - Re: [PATCH 09/15] gnu: system: Move <file-system-mapping> into (gnu system file-systems)., Ludovic Courtès, 2015/07/07
    - Re: [PATCH 09/15] gnu: system: Move <file-system-mapping> into (gnu system file-systems)., Thompson, David, 2015/07/07
- [PATCH 13/15] scripts: system: Add 'container' action., David Thompson, 2015/07/06
  - Re: [PATCH 13/15] scripts: system: Add 'container' action., Ludovic Courtès, 2015/07/07
- [PATCH 08/15] gnu: build: Add Linux container module., David Thompson, 2015/07/06
  - Re: [PATCH 08/15] gnu: build: Add Linux container module., Ludovic Courtès <=
    - Re: [PATCH 08/15] gnu: build: Add Linux container module., Thompson, David, 2015/07/08
    - Re: [PATCH 08/15] gnu: build: Add Linux container module., Ludovic Courtès, 2015/07/08
    - Re: [PATCH 08/15] gnu: build: Add Linux container module., Thompson, David, 2015/07/09
- [PATCH 12/15] gnu: system: Add Linux container file systems., David Thompson, 2015/07/06
  - Re: [PATCH 12/15] gnu: system: Add Linux container file systems., Ludovic Courtès, 2015/07/07
    - Re: [PATCH 12/15] gnu: system: Add Linux container file systems., Thompson, David, 2015/07/09
- [PATCH 14/15] scripts: environment: Add --container option., David Thompson, 2015/07/06
  - Re: [PATCH 14/15] scripts: environment: Add --container option., Ludovic Courtès, 2015/07/07
    - Re: [PATCH 14/15] scripts: environment: Add --container option., Thompson, David, 2015/07/09
    - Re: [PATCH 14/15] scripts: environment: Add --container option., Ludovic Courtès, 2015/07/10

Prev by Date: Re: [PATCH 12/15] gnu: system: Add Linux container file systems.
Next by Date: Re: [PATCH 07/15] build: syscalls: Add pivot-root.
Previous by thread: [PATCH 08/15] gnu: build: Add Linux container module.
Next by thread: Re: [PATCH 08/15] gnu: build: Add Linux container module.
Index(es):
- Date
- Thread